Sat, 27 May 2017 15:49:40 +0100 Wed, 15 Apr 2020 11:04:27 +0100 https://twit.tv/shows/security-now en-US This work is licensed under a Creative Commons License - Attribution-NonCommercial-NoDerivatives 4.0 International - http://creativecommons.org/licenses/by-nc-nd/4.0/ 14400 Technology Security http://twit.cachefly.net/coverart/sn/sn144audio.jpg https://twit.tv/shows/security-now 144 144 TWiT Steve Gibson discusses the hot topics in security today with Leo Laporte. Steve Gibson, the man who coined the term spyware and created the first anti-spyware program, creator of Spinrite and ShieldsUP, discusses the hot topics in security today with Leo Laporte. Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 20:30 UTC. Steve Gibson, the man who coined the term spyware and created the first anti-spyware program, creator of Spinrite and ShieldsUP, discusses the hot topics in security today with Leo Laporte. Records live at https://twit.tv/live every Tuesday. TWiT, Technology, Steve Gibson, Leo Laporte, security, spyware, malware, hacking, cyber crime, encryption false no Leo Laporte distro@twit.tv Wed, 18 Dec 2013 18:00:00 -0800 http://media.grc.com/sn/sn-435-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-435-lq.mp3 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world ‘application notes’ for any of the security technologies and issues we have previously discussed. Wed, 11 Dec 2013 18:00:00 -0800 http://media.grc.com/sn/sn-434-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-434-lq.mp3 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world ‘application notes’ for any of the security technologies and issues we have previously discussed. Wed, 04 Dec 2013 18:00:00 -0800 http://media.grc.com/sn/sn-433-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-433-lq.mp3 After catching up with the week's more interesting Security News and my Miscellany (such as NASA working on an FTL Warp Drive!) Leo & I take a closer look at "BULLRUN", the NSA's code name for their encryption cracking initiative, to speculate upon just what the NSA might be doing... and capable of doing. Wed, 27 Nov 2013 18:00:00 -0800 http://media.grc.com/sn/sn-432-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-432-lq.mp3 Following another week overfilled with interesting security-related news, Steve and Leo spend an hour and a half diving deeply into an updated (and likely very close to correct) understanding of the COIN payment card, news on the CryptoLocker front, a close look at a patent troll case that has so far done the wrong way, and much more. Wed, 20 Nov 2013 18:00:00 -0800 http://media.grc.com/sn/sn-431-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-431-lq.mp3 After catching up on another whirlwind week of really interesting Internet security news, Leo and I provide a brief overview of "RADIUS" - the 22-year-old pervasive, but often unseen, protocol and system for providing wide area network user authentication and accounting. Wed, 13 Nov 2013 18:00:00 -0800 http://media.grc.com/sn/sn-430-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-430-lq.mp3 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world ‘application notes’ for any of the security technologies and issues we have previously discussed. Wed, 06 Nov 2013 18:00:00 -0800 http://media.grc.com/sn/sn-429-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-429-lq.mp3 The past week was so jam-packed with so much fun and interesting security news that we had a hard time just fitting it all in. So this week's podcast is news, news, news! Wed, 30 Oct 2013 18:00:00 -0800 http://media.grc.com/sn/sn-428-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-428-lq.mp3 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. Wed, 23 Oct 2013 18:00:00 -0800 http://media.grc.com/sn/sn-427-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-427-lq.mp3 So much happened during the past week that today's podcast will consist of a series of rather deep dives into the many interesting things we have to discuss. Wed, 16 Oct 2013 18:00:00 -0800 http://media.grc.com/sn/sn-426-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-426-lq.mp3 After following-up on a week chockful of interesting security news, Steve and Leo continue with their discussion of SQRL, the Secure QR code Login system, to discuss two recent innovations in the system that bring additional valuable features. Wed, 09 Oct 2013 18:00:00 -0800 http://media.grc.com/sn/sn-425-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-425-lq.mp3 Following up on last week's "SQRL - Secure QR Login" podcast, this week's Q&A focuses upon the many interesting questions my description of a new approach to secure website login sparked in the minds of the podcast's listeners. And, of course, we also catch up with the week's news. Wed, 02 Oct 2013 18:00:00 -0800 http://media.grc.com/sn/sn-424-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-424-lq.mp3 After catching up with the week's minimal security news, Tom and I take the wraps off of "SQRL" (pronounced "squirrel"), Steve's recent brainstorm to propose a truly practical replacement for always-troublesome website login usernames and passwords. Wed, 25 Sep 2013 18:00:00 -0800 http://media.grc.com/sn/sn-423-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-423-lq.mp3 After catching up with the week's news, and following the news that Apple's new iPhone Touch ID system was spoofed within days of its release, Tom and I take a much closer look at the technology and application of Apple's Touch ID system, examining the reports of its early demise. Wed, 18 Sep 2013 18:00:00 -0800 http://media.grc.com/sn/sn-422-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-422-lq.mp3 Tom and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. Wed, 11 Sep 2013 18:00:00 -0800 http://media.grc.com/sn/sn-421-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-421-lq.mp3 After covering this month's Patch Tuesday events and catching up with the past week's security news, Leo & I examine the week's most troubling and controversial revelations: the NSA's reported ability to crack much of the Internet's encrypted traffic. We explain how different the apparent reality is from the headlines, Wed, 04 Sep 2013 18:00:00 -0800 http://media.grc.com/sn/sn-420-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-420-lq.mp3 After catching up with a lot of interesting security news, Leo and I examine the operation and technology of the new Bitmessage secure and anonymous Internet messaging system. Wed, 28 Aug 2013 18:00:00 -0800 http://media.grc.com/sn/sn-419-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-419-lq.mp3 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. Wed, 21 Aug 2013 18:00:00 -0800 http://media.grc.com/sn/sn-418-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-418-lq.mp3 This week, Leo and I continue covering the consequences of the Snowden leaks and, with that in mind, we examine the Pretty Good Privacy (PGP) system for securely encrypting eMail and attachments. Wed, 14 Aug 2013 18:00:00 -0800 http://media.grc.com/sn/sn-417-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-417-lq.mp3 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. Wed, 07 Aug 2013 18:00:00 -0800 http://media.grc.com/sn/sn-416-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-416-lq.mp3 With last week's Las Vegas Black Hat 2013 and DEFCON conferences just completed, Leo and I examine the most significant and worrisome revelations to emerge from that annual convocation, and also discuss and dissect the week's top security news. Wed, 31 Jul 2013 18:00:00 -0800 http://media.grc.com/sn/sn-415-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-415-lq.mp3 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. Wed, 24 Jul 2013 18:00:00 -0800 http://media.grc.com/sn/sn-414-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-414-lq.mp3 This week we mix security news and updates with a discussion and analysis of the security industry's evolving reactions to the NSA/Snowden revelations. Leo and I examine several of the more significant news items and blogs relating to the issues of widespread Internet surveillance. Though it's not super technical, we believe you'll find it worth your time... and thought provoking. Wed, 17 Jul 2013 18:00:00 -0800 http://media.grc.com/sn/sn-413-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-413-lq.mp3 Though regularly scheduled to be a Q&A episode, Steve and Leo had SO MUCH to cover in the week's news that there was no time left for questions. We'll save those for episode #415 and this week enjoy a great discussion of the week's many events. We'll wrap up with a discussion of the wide range of "tinfoil" solutions available and their convenience versus security tradeoffs. Wed, 10 Jul 2013 18:00:00 -0800 http://media.grc.com/sn/sn-412-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-412-lq.mp3 After catching up with a bunch of interesting security news of the week and my Sci-Fi and SpinRite development updates, Leo and I explore the already existing SSL/TLS technology known as "Perfect Forward Secrecy," which becomes useful in a world where encrypted traffic is being captured and archived. Wed, 03 Jul 2013 18:00:00 -0800 http://media.grc.com/sn/sn-411-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-411-lq.mp3 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. Wed, 26 Jun 2013 18:00:00 -0800 http://media.grc.com/sn/sn-410-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-410-lq.mp3 After catching up with another post-PRISM week of security industry news, Leo and I wind up and release our propeller beanies for a deep dive into the early history of Intel processor memory management - which, it turns out, has direct application to Steve's current work on SpinRite v6.1. Wed, 19 Jun 2013 18:00:00 -0800 http://media.grc.com/sn/sn-409-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-409-lq.mp3 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. Wed, 12 Jun 2013 18:00:00 -0800 http://media.grc.com/sn/sn-408-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-408-lq.mp3 Leo and I remind our listeners that we just had another Microsoft Patch Tuesday. Then I detail and carefully lay down a solid foundation of theory of the operation of the NSA's PRISM program. This explains EVERYTHING about what the NSA is doing, and how. I even explain how and why the program got its name.Podcast Document Resources: 1, 2, 3, 4, 5 Wed, 05 Jun 2013 18:00:00 -0800 http://media.grc.com/sn/sn-407-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-407-lq.mp3 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. Wed, 29 May 2013 18:00:00 -0800 http://media.grc.com/sn/sn-406-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-406-lq.mp3 After covering the week's security news, Leo and I examine an interesting security protocol known as "Off The Record"(OTR) which has been specifically designed to protect conversational privacy, both as it happens and also in the future. Wed, 22 May 2013 18:00:00 -0800 http://media.grc.com/sn/sn-405-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-405-lq.mp3 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. Wed, 15 May 2013 18:00:00 -0800 http://media.grc.com/sn/sn-404-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-404-lq.mp3 After catching up with the past week's updates and security news, Iyaz and I share information presented by the Electronic Frontier Foundation (EFF) which describes how Facebook manages the privacy interactions with their third-party data warehouses and advertisers. Wed, 08 May 2013 18:00:00 -0800 http://media.grc.com/sn/sn-403-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-403-lq.mp3 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. Wed, 01 May 2013 18:00:00 -0800 http://media.grc.com/sn/sn-402-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-402-lq.mp3 After catching up with the week's security news, Leo and I examine everything that's currently known about the recently released "BitTorrent Sync" peer-to-peer file sharing and folder synchronizing application. (Everything seen so far looks 100% correct and VERY useful.) Wed, 24 Apr 2013 18:00:00 -0800 http://media.grc.com/sn/sn-401-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-401-lq.mp3 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. Wed, 17 Apr 2013 18:00:00 -0800 http://media.grc.com/sn/sn-400-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-400-lq.mp3 After catching up with a wild week of security events, Leo and I revisit a topic from the earliest episodes of the Security Now podcast: Virtual Private Networks (VPNs). This coincides with the introduction of a new sponsor on the TWIT network, proXPN, a VPN provider that truly looks like the right choice. Wed, 10 Apr 2013 18:00:00 -0800 http://media.grc.com/sn/sn-399-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-399-lq.mp3 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. Wed, 03 Apr 2013 18:00:00 -0800 http://media.grc.com/sn/sn-398-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-398-lq.mp3 After catching up with a busy week in the security space, Leo and I cover an intriguing topic in fundamental distributed Internet technology, Distributed Hash Tables, which is the somewhat awkward name for distributed database technology. Wed, 27 Mar 2013 18:00:00 -0800 http://media.grc.com/sn/sn-397-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-397-lq.mp3 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. Wed, 20 Mar 2013 18:00:00 -0800 http://media.grc.com/sn/sn-396-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-396-lq.mp3 This week was so chockful of things to discuss that we had no time to explore the fascinating technology and operation of Distributed Hash Tables. That discussion will be "tabled" for two weeks. This week, we look more closely into the somewhat troubling issues of SSL/TLS server security as revealed by SSLLabs.com, discuss the SWAT team arriving at Brian Krebs's home, examine the consequences of the revelation that 420 million routers are accepting trivial logins on their Telnet ports, and more! Wed, 13 Mar 2013 18:00:00 -0800 http://media.grc.com/sn/sn-395-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-395-lq.mp3 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. Wed, 06 Mar 2013 18:00:00 -0800 http://media.grc.com/sn/sn-394-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-394-lq.mp3 After catching up with this week's Java vulnerabilities and emergency updates, Leo and I examine the recent evolution of the public and free "Tor" Internet anonymizing network. We look at the network's updated operation and its new ability to offer "hidden services" in addition to hiding the identity and location of the services' users. Wed, 27 Feb 2013 18:00:00 -0800 http://media.grc.com/sn/sn-393-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-393-lq.mp3 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. Wed, 20 Feb 2013 18:00:00 -0800 http://media.grc.com/sn/sn-392-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-392-lq.mp3 We first converse with today's special guest, Brian Krebs, who for many years wrote for the Washington Post and is now publishing his own "Krebs on Security" blog. Our topic is "The Internet Underground." After that, we catch up with a somewhat busy and interesting week in Internet security. Wed, 13 Feb 2013 18:00:00 -0800 http://media.grc.com/sn/sn-391-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-391-lq.mp3 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. Wed, 06 Feb 2013 18:00:00 -0800 http://media.grc.com/sn/sn-390-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-390-lq.mp3 After covering "UPnP a week later" and catching up with some interesting security industry happenings, Leo and I take a look into the controversy surrounding the security (or lack thereof) of Kim Dotcom's new "Mega" cloud storage offering. Wed, 30 Jan 2013 18:00:00 -0800 http://media.grc.com/sn/sn-389-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-389-lq.mp3 Leo and I discuss the week's major security events—and the disastrous news of 81 million exposed vulnerable routers!—discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. Wed, 23 Jan 2013 18:00:00 -0800 http://media.grc.com/sn/sn-388-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-388-lq.mp3 After catching up with a bunch of fun and interesting news of the week, Leo and I examine the future of anti-hacking password scrambling and storage with the introduction of "Memory Hard Problems," which are provably highly resistant to massive hardware acceleration. Wed, 16 Jan 2013 18:00:00 -0800 http://media.grc.com/sn/sn-387-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-387-lq.mp3 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. Wed, 09 Jan 2013 18:00:00 -0800 http://media.grc.com/sn/sn-386-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-386-lq.mp3 After catching up with a very busy week of interesting security news and events, Leo and I examine the growing privacy and security problems created by the ever more pervasive social widgets - Facebook's LIKE button, Google's +1, Twitter's Tweet!, and others - and they offer an easy-to-use free solution! Wed, 02 Jan 2013 18:00:00 -0800 http://media.grc.com/sn/sn-385-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-385-lq.mp3 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.